WASHINGTON-US
FireEye Inc..,
0.71% OF THE POUND STERLING
one of the world’s largest cyber security companies has been hacked into what it believes was an advanced attack by a foreign government that has compromised its software tools used to test the security of thousands of customers.
The company stated that the intruder also had access to certain internal systems and was mainly looking for information on government customers. FireEye stated that it had not yet seen evidence that its customers’ data had been compromised from the main systems used to store it.
FireEye refused to comment on who it believes is behind this violation. A person familiar with the case stated that Russia is currently considered by the investigators to be the most likely offender, but stressed that the investigation has not yet been completed.
I have come to the conclusion that we are witnessing an attack on a nation that has offensive capabilities at the highest level.
Kevin Mandia,
The executive director of FireEye and former Air Force officer said in a blog post published Tuesday. The attackers have adapted their world-class skills specifically to the target and the Fire Eye attack.
FireEye stated that it cooperates with the Federal Bureau of Investigation and industry partners, including
Microsoft Corporation.
as part of the ongoing investigation into this incident.
The FBI did not react immediately to the request for comments. M. Mandia said federal investigators share the company’s view that the violation was committed by a sophisticated foreign government
Individuals familiar with the study stated that the hackers were disciplined and used a rare combination of sophisticated attack tools, some of which had apparently never before been used in known attacks on other victims – an unusual display of sophistication and determination – and were specifically designed to compromise FireEye.
It was a sniper shot that went right through it, said a man familiar with the investigation.
Headquartered in California, FireEye is one of the largest cyber security companies in the world, with more than a dozen offices worldwide and thousands of employees. The company is considered a pioneer in detecting and responding to cyber attacks by foreign governments such as China and Iran. It often links publicly productive pirate groups with certain foreign intelligence services.
In his blog post, Mandia said researchers don’t know what the hackers will do with his compromised Red Team tools, which are used by cybersecurity companies to monitor the protection of their customers and identify potential vulnerabilities that could be attacked. He said more than 300 countermeasures have been taken to protect customers and the wider Internet community and that there is no evidence yet of the use of stolen Red Team tools.
It is not clear when the breach occurred or when FireEye was notified, and people familiar with the investigation said the company was not sure how the attackers had hacked into its systems.
Dmitri Alperovich,
The cyber security expert, who was briefed on the details of the breach, said other security companies such as RSA and Kaspersky Laboratory had been compromised by government hackers in the past.
They’re doing it to gain knowledge that can help them overcome safety measures and hack organisations around the world, said Alperovic, co-founder of Silverado Policy Accelerator and former director of Silverado Policy Accelerator, a former safety consulting firm.
Mafia strike,
a cybersecurity company competing with FireEye. Because FireEye quickly and transparently exposes what happened to them and exposes Red Team tools stolen by their opponents, they help minimize the chances of others being compromised by this violation.
Because they are reliable in terms of the level of access to their customers’ networks, cybersecurity companies are an attractive target for hackers, who in turn can use their access to infiltrate their customers’ systems. In 2011, the provider of RSA Security LLC was hacked by hackers associated with China by the National Security Agency, which denied their involvement. According to security experts, the idea behind the hacking was to gain access to RSA’s encryption technology, which can then be used to attack their customers.
During the two weeks they were there, it was a game of cat and mouse, a former CEO of the RSA,
Art Coveylo
the Wall Street Journal said last year. Eventually, the RSA called Mandiant to investigate the robbery. RSA did not respond directly to an e-mail requesting a comment.
-Rober McMillan contributed to this article. -Rober McMillan.
Copyright ©2020 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8
Related Tags:
